I’ve created a list of banned users in my realtime Database and I want to make them impossible to log-in, I know I can use the database rules, but I don’t know how, can someone help me?
This is my database structure:
/banned-users:
/UserId1:True
/UserId2:True
Those are my database rules:
{
"rules": {
".read": true,
".write": true
}
}
>Solution :
You need to reference data in other paths as follows:
{
"rules": {
"thepath": {
".read": "root.child('banned-users').child(auth.uid).val() !== true"
".write": "root.child('banned-users').child(auth.uid).val() !== true"
}
}
}
Note that actually you don’t "make them impossible to log-in", because this is not possible, but you prevent them writing to/reading from your database.